Scammers drain cryptocurrency wallets through Telegram phishing scam

In a recent wave of cryptocurrency theft, scammers have exploited a vulnerability in ERC-2612 tokens, enabling them to drain victims’ wallets without requiring transaction confirmation. Reports suggest that attackers have successfully executed this scam through a deceptive method on Telegram, leading to significant financial losses for unsuspecting users.

Telegram phishing scam exploits ERC-2612 tokens

The scam targets tokens compliant with the ERC-2612 standard, which facilitates “gas-less” transfers and eliminates users needing to manually approve transactions. Instead, attackers leverage the owner’s signature to drain funds from compromised wallets. Victims are lured into the scam through fraudulent Telegram groups posing as official channels for token developers.

Victims are enticed to connect their wallets to purported verification systems, believing it to be a routine process to prove they are not bots. However, users unwittingly grant access to their wallets by merely connecting their wallets. Despite never authorizing any transactions, victims find their cryptocurrency holdings depleted within minutes of interaction with the fraudulent platform.

Sophisticated phishing techniques unveiled

A closer examination of the scam reveals the intricacy of the phishing techniques. The fraudulent Telegram groups mimic legitimate verification systems, such as Collab. Land, with subtle differentiations that evade detection at first glance. For instance, the fake system sends messages from a nearly identical username, capitalizing on visual similarities to deceive users.

Blockchain data sheds light on the mechanics of the attack, showcasing the exploitation of the ERC-2612 standard’s features. Attackers manipulate functions within token contracts, such as “Permit,” to authorize transfers without requiring traditional approval transactions. 

Scammers circumvent security measures by setting themselves as authorized spenders and victims as owners, enabling unauthorized fund transfers.

Security implications of ERC-2612 standard

While the ERC-2612 standard introduces convenience by enabling transactions without holding Ether, it also introduces new avenues for exploitation. Permitting transfers through signed messages rather than approval transactions presents opportunities and risks. While legitimate developers may leverage this feature to enhance user experience, scammers exploit it to defraud unsuspecting users.

As cryptocurrency scams evolve, users must exercise caution to safeguard their digital assets. Vigilance is paramount when engaging with online platforms, particularly on social media channels like Telegram. Verifying the authenticity of communication channels and refraining from sharing sensitive information can mitigate the risk of falling victim to phishing scams.